Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2901-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2020-26558 ( SUSE ): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  • CVE-2020-26558 ( NVD ): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  • CVE-2021-0129 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  • CVE-2021-0129 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2021-47145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2021-47275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47295 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47388 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47395 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47438 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47468 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47498 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47516 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2021-47516 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47520 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47520 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47542 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47542 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  • CVE-2021-47559 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47559 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47580 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
  • CVE-2021-47582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47588 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47597 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2021-47599 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-20368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-20368 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-28748 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
  • CVE-2022-2964 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-2964 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48775 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48794 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2022-48804 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2022-48805 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48810 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48823 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2022-48826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • CVE-2022-48829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • CVE-2022-48836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48836 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48850 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48855 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-48857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48857 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48863 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  • CVE-2022-48863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52435 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52435 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
  • CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52743 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2023-52753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52818 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2023-52819 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26615 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26635 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2024-26636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26880 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-26920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27019 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-27020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27020 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-27025 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2024-27437 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35887 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35934 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-35947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35949 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-35966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35995 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2024-36004 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36952 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38558 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  • CVE-2024-38560 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38598 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38630 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-39475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-39475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-39487 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2024-39488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-39490 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-39494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-39494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-39499 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-39501 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-39506 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-39507 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-39509 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40901 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  • CVE-2024-40904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40923 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40932 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  • CVE-2024-40937 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-40941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40966 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40967 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40978 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40987 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
  • CVE-2024-40988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40999 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
  • CVE-2024-41014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41015 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • CVE-2024-41044 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
  • CVE-2024-41048 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-41060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-41060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41063 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-41063 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41064 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-41064 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41066 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-41066 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2024-41070 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-41071 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-41072 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
  • CVE-2024-41076 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-41078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-41081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41089 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41090 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • CVE-2024-41091 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  • CVE-2024-41095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42070 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2024-42070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42093 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  • CVE-2024-42096 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2024-42119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42223 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42224 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42224 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise Server 12 SP5
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 178 vulnerabilities and has seven security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
  • CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
  • CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
  • CVE-2021-47619: i40e: Fix queues reservation for XDP (bsc#1226645).
  • CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
  • CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
  • CVE-2024-42223: media: dvb-frontends: tda10048: Fix integer overflow (bsc#1228726).
  • CVE-2024-42119: drm/amd/display: Skip finding free audio for unknown engine_id (bsc#1228584).
  • CVE-2024-42120: drm/amd/display: Check pipe offset before setting vblank (bsc#1228588).
  • CVE-2024-41095: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (bsc#1228662).
  • CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723).
  • CVE-2024-41072: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (bsc#1228626).
  • CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
  • CVE-2024-40995: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
  • CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
  • CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640).
  • CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
  • CVE-2024-41089: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (bsc#1228658).
  • CVE-2024-41060: drm/radeon: check bo_va->bo is non-NULL before using it (bsc#1228567).
  • CVE-2022-48829: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (bsc#1228055).
  • CVE-2022-48828: NFSD: Fix ia_size underflow (bsc#1228054).
  • CVE-2022-48827: NFSD: Fix the behavior of READ near OFFSET_MAX (bsc#1228037).
  • CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
  • CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing (bsc#1228625).
  • CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
  • CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
  • CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617).
  • CVE-2024-40978: scsi: qedi: Fix crash while reading debugfs attribute (bsc#1227929).
  • CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228013).
  • CVE-2022-48823: scsi: qedf: Fix refcount issue when LOGO is received during TMF (bsc#1228045).
  • CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649).
  • CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
  • CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
  • CVE-2024-40987: drm/amdgpu: fix UBSAN warning in kv_dpm.c (bsc#1228235).
  • CVE-2022-48826: drm/vc4: Fix deadlock on DSI device attach error (bsc#1227975)
  • CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
  • CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
  • CVE-2024-41016: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
  • CVE-2024-41063: bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580).
  • CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
  • CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
  • CVE-2021-47405: HID: usbhid: free raw_report buffers in usbhid_stop (bsc#1225238).
  • CVE-2024-40988: drm/radeon: fix UBSAN warning in kv_dpm.c (bsc#1227957).
  • CVE-2024-40932: drm/exynos/vidi: fix memory leak in .get_modes() (bsc#1227828).
  • CVE-2021-47403: ipack: ipoctal: fix module reference leak (bsc#1225241).
  • CVE-2021-47388: mac80211: fix use-after-free in CCMP/GCMP RX (bsc#1225214).
  • CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
  • CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
  • CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
  • CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
  • CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500).
  • CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568).
  • CVE-2022-48804: vt_ioctl: fix array_index_nospec in vt_setactivate (bsc#1227968).
  • CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891).
  • CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
  • CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071).
  • CVE-2021-47582: usb: core: Do not hold the device lock while sleeping in do_proc_control() (bsc#1226559).
  • CVE-2024-40982: ssb: fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865).
  • CVE-2021-47468: isdn: mISDN: Fix sleeping function called from invalid context (bsc#1225346).
  • CVE-2021-47395: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (bsc#1225326).
  • CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path (bsc#1227936).
  • CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045).
  • CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
  • CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550).
  • CVE-2024-26735: ipv6: sr: fix possible use-after-free and null-ptr-deref (bsc#1222372).
  • CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
  • CVE-2022-48811: ibmvnic: do not release napi in __ibmvnic_open() (bsc#1227928).
  • CVE-2021-0129: Improper access control in BlueZ may have allowed an authenticated user to potentially enable information disclosure via adjacent access (bsc#1186463).
  • CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing that could permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (bsc#1179610).
  • CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
  • CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
  • CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
  • CVE-2024-40941: wifi: iwlwifi: mvm: do not read past the mfuart notifcation (bsc#1227771).
  • CVE-2022-48860: ethernet: Fix error handling in xemaclite_of_probe (bsc#1228008).
  • CVE-2022-48863: mISDN: Fix memory leak in dsp_pipeline_build() (bsc#1228063).
  • CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
  • CVE-2024-39499: vmci: prevent speculation leaks by sanitizing event in event_deliver() (bsc#1227725).
  • CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
  • CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
  • CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
  • CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
  • CVE-2021-47441: mlxsw: thermal: Fix out-of-bounds memory accesses (bsc#1225224)
  • CVE-2021-47194: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type (bsc#1222829).
  • CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
  • CVE-2022-48775: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj (bsc#1227924).
  • CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
  • CVE-2024-40929: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (bsc#1227774).
  • CVE-2024-40912: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (bsc#1227790).
  • CVE-2024-40942: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (bsc#1227770).
  • CVE-2022-48857: NFC: port100: fix use-after-free in port100_send_complete (bsc#1228005).
  • CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
  • CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len. (bsc#1226555).
  • CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
  • CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
  • CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
  • CVE-2021-47516: nfp: Fix memory leak in nfp_cpp_area_cache_add() (bsc#1225427).
  • CVE-2021-47501: i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc (bsc#1225361).
  • CVE-2024-39501: drivers: core: synchronize really_probe() and dev_uevent() (bsc#1227754).
  • CVE-2023-52743: ice: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1225003)
  • CVE-2021-47542: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() (bsc#1225455).
  • CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
  • CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
  • CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
  • CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571).
  • CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
  • CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
  • CVE-2021-47597: inet_diag: fix kernel-infoleak for UDP sockets (bsc#1226553).
  • CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
  • CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
  • CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
  • CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618).
  • CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317).
  • CVE-2024-35978: Bluetooth: Fix memory leak in hci_req_sync_complete() (bsc#1224571).
  • CVE-2023-52669: crypto: s390/aes - Fix buffer overread in CTR mode (bsc#1224637).
  • CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
  • CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616).
  • CVE-2024-35995: ACPI: CPPC: Use access_width over bit_width for system memory accesses (bsc#1224557).
  • CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
  • CVE-2021-47295: net: sched: fix memory leak in tcindex_partial_destroy_work (bsc#1224975)
  • CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686).
  • CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627).
  • CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
  • CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435)
  • CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
  • CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835).
  • CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005).
  • CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
  • CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569).
  • CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532).
  • CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530).
  • CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478).
  • CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593).
  • CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
  • CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
  • CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (bsc#1224622).
  • CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
  • CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
  • CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
  • CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188).
  • CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357).
  • CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965).
  • CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861).
  • CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf (bsc#1222792).
  • CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
  • CVE-2024-38630: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (bsc#1226908).
  • CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
  • CVE-2021-47559: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() (bsc#1225396).

The following non-security bugs were fixed:

  • Fix spurious WARNING caused by a qxl driver patch (bsc#1227213,bsc#1227191)
  • KVM: PPC: Book3S HV: Do not take kvm->lock around kvm_for_each_vcpu (bsc#1065729).
  • KVM: PPC: Book3S HV: remove extraneous asterisk from rm_host_ipi_action() comment (bsc#1065729).
  • KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR (bsc#1065729).
  • KVM: PPC: Book3S: Fix some RCU-list locks (git-fixes).
  • KVM: PPC: Book3S: Only report KVM_CAP_SPAPR_TCE_VFIO on powernv machines (bsc#1065729).
  • KVM: PPC: Book3S: Use new mutex to synchronize access to rtas token list (bsc#1065729).
  • KVM: PPC: Inform the userspace about TCE update failures (bsc#1065729).
  • KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE (bsc#1065729).
  • PCI: Fix resource double counting on remove & rescan (git-fixes).
  • PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
  • PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check (git-fixes).
  • SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
  • SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
  • Tools: hv: kvp: eliminate 'may be used uninitialized' warning (git-fixes).
  • USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
  • btrfs: fix 64bit compat send ioctl arguments not initializing version member (bsc#1228030).
  • btrfs: fix send ioctl on 32bit with 64bit kernel (bsc#1228030).
  • btrfs: incremental send, fix emission of invalid clone operations (bsc#1228030).
  • btrfs: remove unused members dir_path from recorded_ref (bsc#1228030).
  • btrfs: send, improve clone range (bsc#1228030).
  • btrfs: send: add new command FILEATTR for file attributes (bsc#1228030).
  • btrfs: send: add stream v2 definitions (bsc#1228030).
  • btrfs: send: always use the rbtree based inode ref management infrastructure (bsc#1228030).
  • btrfs: send: avoid copying file data (bsc#1228030).
  • btrfs: send: explicitly number commands and attributes (bsc#1228030).
  • btrfs: send: fix failures when processing inodes with no links (bsc#1228030).
  • btrfs: send: fix send failure of a subcase of orphan inodes (bsc#1228030).
  • btrfs: send: fix sending link commands for existing file paths (bsc#1228030).
  • btrfs: send: get rid of i_size logic in send_write() (bsc#1228030).
  • btrfs: send: introduce recorded_ref_alloc and recorded_ref_free (bsc#1228030).
  • btrfs: send: prepare for v2 protocol (bsc#1228030).
  • btrfs: send: refactor arguments of get_inode_info() (bsc#1228030).
  • btrfs: send: remove stale code when checking for shared extents (bsc#1228030).
  • btrfs: send: remove unused found_type parameter to lookup_dir_item_inode() (bsc#1228030).
  • btrfs: send: remove unused send_ctx::{total,cmd}_send_size (bsc#1228030).
  • btrfs: send: use boolean types for current inode status (bsc#1228030).
  • btrfs: silence maybe-uninitialized warning in clone_range (bsc#1228030).
  • drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
  • drm/vc4: dsi: Only register our component once a DSI device is (bsc#1227975)
  • hv_netvsc: rndis_filter needs to select NLS (git-fixes).
  • ipv6: sr: fix incorrect unregister order (git-fixes).
  • kgdb: Add kgdb_has_hit_break function (git-fixes).
  • kgdb: Move the extern declaration kgdb_has_hit_break() to generic kgdb.h (git-fixes).
  • net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
  • net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
  • net: mana: select PAGE_POOL (git-fixes).
  • net_sched: add a temporary refcnt for struct tcindex_data (bsc#1224975).
  • net_sched: fix a memory leak in cls_tcindex (bsc#1224975).
  • net_sched: fix a missing refcnt in tcindex_init() (bsc#1224975).
  • net_sched: hold rtnl lock in tcindex_partial_destroy_work() (bsc#1224975)
  • nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
  • nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
  • ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
  • ocfs2: remove redundant assignment to variable free_space (bsc#1228409).
  • ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
  • powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
  • sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407).
  • scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
  • scsi: qla2xxx: Complete command early within lock (bsc#1228850).
  • scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
  • scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
  • scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
  • scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
  • scsi: qla2xxx: Fix flash read failure (bsc#1228850).
  • scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
  • scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
  • scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
  • scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
  • scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
  • scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
  • scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
  • scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
  • scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
  • signal: Introduce clear_siginfo (git-fixes).
  • string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850).
  • sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
  • tools lib: Fix builds when glibc contains strlcpy() (git-fixes).
  • tools: hv: fix KVP and VSS daemons exit code (git-fixes).
  • usb: add a hcd_uses_dma helper (git-fixes).
  • usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
  • usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
  • x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (git-fixes).
  • x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
  • x86/boot/e820: Fix typo in e820.c comment (git-fixes).
  • x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes).
  • x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes).
  • x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
  • x86/fpu: Return proper error codes from user access functions (git-fixes).
  • x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-fixes).
  • x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git-fixes).
  • x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-fixes).
  • x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (git-fixes).
  • x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
  • x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).
  • xfs: check that dir block entries do not off the end of the buffer (git-fixes).
  • xfs: refactor xfs_verifier_error and xfs_buf_ioerror (git-fixes).
  • xfs: remove XFS_WANT_CORRUPTED_RETURN from dir3 data verifiers (git-fixes).
  • xhci: Poll for U0 after disabling USB2 LPM (git-fixes).

Special Instructions and Notes:

  • Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Server for SAP Applications 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2901=1
  • SUSE Linux Enterprise High Performance Computing 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2901=1
  • SUSE Linux Enterprise Server 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2901=1

Package List:

  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64)
    • kernel-azure-4.12.14-16.194.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
    • kernel-azure-debugsource-4.12.14-16.194.1
    • kernel-azure-devel-4.12.14-16.194.1
    • kernel-azure-base-4.12.14-16.194.1
    • kernel-azure-base-debuginfo-4.12.14-16.194.1
    • kernel-syms-azure-4.12.14-16.194.1
    • kernel-azure-debuginfo-4.12.14-16.194.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
    • kernel-devel-azure-4.12.14-16.194.1
    • kernel-source-azure-4.12.14-16.194.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64)
    • kernel-azure-4.12.14-16.194.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
    • kernel-azure-debugsource-4.12.14-16.194.1
    • kernel-azure-devel-4.12.14-16.194.1
    • kernel-azure-base-4.12.14-16.194.1
    • kernel-azure-base-debuginfo-4.12.14-16.194.1
    • kernel-syms-azure-4.12.14-16.194.1
    • kernel-azure-debuginfo-4.12.14-16.194.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
    • kernel-devel-azure-4.12.14-16.194.1
    • kernel-source-azure-4.12.14-16.194.1
  • SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64)
    • kernel-azure-4.12.14-16.194.1
  • SUSE Linux Enterprise Server 12 SP5 (x86_64)
    • kernel-azure-debugsource-4.12.14-16.194.1
    • kernel-azure-devel-4.12.14-16.194.1
    • kernel-azure-base-4.12.14-16.194.1
    • kernel-azure-base-debuginfo-4.12.14-16.194.1
    • kernel-syms-azure-4.12.14-16.194.1
    • kernel-azure-debuginfo-4.12.14-16.194.1
  • SUSE Linux Enterprise Server 12 SP5 (noarch)
    • kernel-devel-azure-4.12.14-16.194.1
    • kernel-source-azure-4.12.14-16.194.1

References: